> Do we need a way to bulk-submit elements of a package for signing, and if so, > what would that format be? Then the service would unpack the set (.jar/.zip? > Or .tar? .msi?) sign the components and repack it.
Unless the behavior of the bulk-signing service was significantly different from the individual JAR-signing service, or there were performance issues with the individual service, I don't personally see a strong justification for providing a bulk-signing service right now. My suggestion would be to take the simpler approach for now and iterate on it as needed. Greg
